The reference to entity "action" must end with the '; ' delimiter.

Ian Young ian at
Thu Feb 7 05:31:28 EST 2013

On 7 Feb 2013, at 09:54, Glenn Wearen <glenn.wearen at> wrote:

> Slight correction, it is the ampersand that I have urlencoded, not the question mark.

The example you posted doesn't contain an ampersand.  If the character before the "action" was an ampersand, that would be invalid XML, which is what the IdP is reporting.

As to whether the "right" answer is for the SP to URL encode such an ampersand as %25 within the XML, in the hope that it won't be decoded prior to being used in a URL, I'm not sure.  I have seen that done, but if you don't have control over what the SP is generating then that may be moot.

There was a change in behaviour in this area in the IdP at some point in the 2.X series.  I want to say something like 2.2.0, but I can't see the specific issue in the release notes; it may have been a side-effect of fixing something else and perhaps someone else can remember the details.  We've also had related issues in the discovery service code.  I do remember that we were fairly confident that the IdP was doing the right thing now, though.

	-- Ian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
Url : 

More information about the users mailing list